Detection at Scale

SAP's Matthew Valites on Why He Is a Proponent of Detection as Code

Apr 9, 2024

Matthew Valites, Director of Threat Detection & Operational Strategy at SAP, discusses the best threat detection approaches, using detection as code, and the role of GenAI in the future security landscape. He also shares actionable lessons from his book, 'Crafting the Infosec Playbook'.

29:32

Creator website

Episode guests

Matthew Valites

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Implementing operational detections like user logins uncovers anomalies for wins in threat detection.

Adapting detection strategies to diverse environments and using tailored macros enhances accuracy and efficiency at scale.

Deep dives

Approaching Threat Detection at Scale

Ensuring accurate baseline tuning is crucial for effective threat detection. Implementing operational detections, like user logins, uncovers anomalies, providing wins in detection. The podcast highlights the importance of Detection at Scale for modern security practices. With data volume growing and attack surfaces expanding, staying ahead of threats becomes paramount.

Introduction

2min

Personal Goals, Detection Theory, and Tailored Techniques in Large Corporations

3min

Optimizing Detection Logic in Various Environments

8min

Advocating for the Adoption of Detection as Code in Cybersecurity Practices

2min

Data Centralization and Mental Health in Security Operations

11min

Insights on Security Incident Response and Business Operations

3min

On this week's episode of the Detection at Scale podcast, Jack talks with Matthew Valites, Director of Threat Detection & Operational Strategy at SAP. They discuss which threat detection approach works the best, what metrics Matthew uses to gauge his programs, and why Matthew is a proponent of using detection as code.

Matthew also looks to the future and gives his prediction on what role technology such as GenAI will play in the security landscape. They close out their conversation with some actionable lessons from Matthew's book, Crafting the Infosec Playbook.

Topics discussed:

Which threat-detection approach works the best (hint: it's usually the one that provides the most visibility).
How Matthew manages the different logic in different environment using tailored macros.
What metrics Matthew uses to gauge his programs and how he keeps track of those metrics.
Why Matthew is a huge proponent of using detection as code, including the CIDC element it brings.
What makes GenAI so exciting, and what its role might be in the future.
How Matthew tries to take care of his team's mental and physical health.
Actionable lessons from the book Matthew co-authored, “Crafting the Infosec Playbook”, such as espousing the values of a service-based approach.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Detection at Scale

SAP's Matthew Valites on Why He Is a Proponent of Detection as Code

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Approaching Threat Detection at Scale

Matt Velitis on Professional Journey & Threat Detection

Prioritizing Detection Techniques for Threat Identification

Enhancing Detection Flexibility with Environment-Specific Tuning

Remember Everything You Learn from Podcasts